diff options
Diffstat (limited to 'security')
29 files changed, 250 insertions, 102 deletions
diff --git a/security/Makefile b/security/Makefile index 39de649f8d2d..0343c9fd1932 100644 --- a/security/Makefile +++ b/security/Makefile @@ -938,6 +938,7 @@ SUBDIR += py-dfdatetime SUBDIR += py-dfwinreg SUBDIR += py-dirhash + SUBDIR += py-distro2sbom SUBDIR += py-django-auth-kerberos SUBDIR += py-docker-pycreds SUBDIR += py-ecdsa @@ -980,6 +981,7 @@ SUBDIR += py-keyring SUBDIR += py-keyrings.alt SUBDIR += py-krb5 + SUBDIR += py-lib4sbom SUBDIR += py-libnacl SUBDIR += py-liboqs-python SUBDIR += py-m2crypto diff --git a/security/amavisd-new/Makefile b/security/amavisd-new/Makefile index 698c96f64b45..7a01601fa668 100644 --- a/security/amavisd-new/Makefile +++ b/security/amavisd-new/Makefile @@ -1,5 +1,5 @@ PORTNAME= amavisd-new -DISTVERSION= 2.13.1 +DISTVERSION= 2.14.0 PORTEPOCH= 1 CATEGORIES= security @@ -23,7 +23,7 @@ USE_PERL5= run USE_GITLAB= yes GL_ACCOUNT= amavis GL_PROJECT= amavis -GL_TAGNAME= cdd11b069e20a4cb99960614ca9c3eb385d4e200 +GL_TAGNAME= fc0e86edb3fd4fb779e4e906fb1cc61fdf7e6e7f SHEBANG_FILES= bin/amavisd bin/amavisd-agent bin/amavisd-nanny \ bin/amavisd-release bin/amavisd-snmp-subagent \ diff --git a/security/amavisd-new/distinfo b/security/amavisd-new/distinfo index 109ac9ef9616..3cde9f37a62e 100644 --- a/security/amavisd-new/distinfo +++ b/security/amavisd-new/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1747417723 -SHA256 (amavis-amavis-cdd11b069e20a4cb99960614ca9c3eb385d4e200_GL0.tar.gz) = beebeaa0bbdd6d59301d5e140f0d71f716588e6e3fcfe73a26594ff1f2c7704c -SIZE (amavis-amavis-cdd11b069e20a4cb99960614ca9c3eb385d4e200_GL0.tar.gz) = 1132629 +TIMESTAMP = 1752691896 +SHA256 (amavis-amavis-fc0e86edb3fd4fb779e4e906fb1cc61fdf7e6e7f_GL0.tar.gz) = bd722b9096b52d383efcf6b3f91a75399c08973a396e6e27da6efa9733555ef3 +SIZE (amavis-amavis-fc0e86edb3fd4fb779e4e906fb1cc61fdf7e6e7f_GL0.tar.gz) = 1136776 diff --git a/security/cosign/Makefile b/security/cosign/Makefile index 6ea8e79ac6f6..ae77371b9728 100644 --- a/security/cosign/Makefile +++ b/security/cosign/Makefile @@ -1,7 +1,6 @@ PORTNAME= cosign DISTVERSIONPREFIX= v -DISTVERSION= 2.5.2 -PORTREVISION= 1 +DISTVERSION= 2.5.3 CATEGORIES= security MAINTAINER= bofh@FreeBSD.org @@ -24,7 +23,7 @@ GO_BUILDFLAGS= -ldflags="-buildid= \ PLIST_FILES= bin/${PORTNAME} -GIT_HASH= af5a988bb15a03919ccaac7a2ddcad7a9d006f38 +GIT_HASH= 488ef8ceed5ab5d77379e9077a124a0d0df41d06 .include <bsd.port.pre.mk> diff --git a/security/cosign/distinfo b/security/cosign/distinfo index 621a1398dec8..162267863be7 100644 --- a/security/cosign/distinfo +++ b/security/cosign/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1751444102 -SHA256 (go/security_cosign/cosign-v2.5.2/v2.5.2.mod) = 5bc5ad2f641929f53eeb4fcec33fba55b78a51cf707f53f74feae8a0e7ad0bae -SIZE (go/security_cosign/cosign-v2.5.2/v2.5.2.mod) = 15326 -SHA256 (go/security_cosign/cosign-v2.5.2/v2.5.2.zip) = 91f0aebf97ae40581273a4e44fad958ce7ff02dd232663f9fffd074596efa82e -SIZE (go/security_cosign/cosign-v2.5.2/v2.5.2.zip) = 1274354 +TIMESTAMP = 1752874321 +SHA256 (go/security_cosign/cosign-v2.5.3/v2.5.3.mod) = 3d3e90c2ad6b9f1dc45c9f83c5408d4296d80ae3728998504d9d3e077dd19afe +SIZE (go/security_cosign/cosign-v2.5.3/v2.5.3.mod) = 16693 +SHA256 (go/security_cosign/cosign-v2.5.3/v2.5.3.zip) = e0158a5721ba7c8e2b775af499c07d89957ae42177a1794c8382e1e91901b531 +SIZE (go/security_cosign/cosign-v2.5.3/v2.5.3.zip) = 1335557 diff --git a/security/kf6-kdesu/distinfo b/security/kf6-kdesu/distinfo index bea35261fd90..52e78e907b29 100644 --- a/security/kf6-kdesu/distinfo +++ b/security/kf6-kdesu/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1749476629 -SHA256 (KDE/frameworks/6.15/kdesu-6.15.0.tar.xz) = 9eb4c11a1742af2cb17cf1e7e18bb0fbdb45ee16f083739c418cbe9d45af1806 -SIZE (KDE/frameworks/6.15/kdesu-6.15.0.tar.xz) = 57012 +TIMESTAMP = 1752529520 +SHA256 (KDE/frameworks/6.16/kdesu-6.16.0.tar.xz) = f9cbfae88596cfd00b269744c89a042dfbc048273e35f1c7e158429db55c8d68 +SIZE (KDE/frameworks/6.16/kdesu-6.16.0.tar.xz) = 57016 diff --git a/security/nss/Makefile b/security/nss/Makefile index b99ebcb77547..f8c7e5630703 100644 --- a/security/nss/Makefile +++ b/security/nss/Makefile @@ -1,5 +1,5 @@ PORTNAME= nss -PORTVERSION= 3.113.1 +PORTVERSION= 3.114 CATEGORIES= security MASTER_SITES= MOZILLA/security/${PORTNAME}/releases/${DISTNAME:tu:C/[-.]/_/g}_RTM/src diff --git a/security/nss/distinfo b/security/nss/distinfo index fe38e674c30a..df00638ab54d 100644 --- a/security/nss/distinfo +++ b/security/nss/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1751391207 -SHA256 (nss-3.113.1.tar.gz) = b8c586cc0ac60b76477f62483f664f119c26000a8189dd9ef417df7dbd33a2cc -SIZE (nss-3.113.1.tar.gz) = 76626220 +TIMESTAMP = 1752847969 +SHA256 (nss-3.114.tar.gz) = cac3c0d67028804fb316e9695f81749fa4dc118e731d674b4c4c347bd849c2f1 +SIZE (nss-3.114.tar.gz) = 76653541 diff --git a/security/nss/files/patch-bug1973105 b/security/nss/files/patch-bug1973105 deleted file mode 100644 index ef2eea831b0d..000000000000 --- a/security/nss/files/patch-bug1973105 +++ /dev/null @@ -1,23 +0,0 @@ -commit 98cb80c5fba9550451f6df711a2ae460608acd5e -Author: Christoph Moench-Tegeder <cmt@burggraben.net> - - Bug 1973105 - remove out-of-function semicolon, r=rrelyea - - given the right flags, consumers of nss may fail with - : /usr/local/include/nss/pkcs11n.h:633:92: error: extra ';' outside of a function [-Werror,-Wextra-semi] - - Differential Revision: https://phabricator.services.mozilla.com/D254438 - -diff --git lib/util/pkcs11n.h lib/util/pkcs11n.h -index cba3f63ae..9365d697a 100644 ---- lib/util/pkcs11n.h -+++ lib/util/pkcs11n.h -@@ -630,7 +630,7 @@ _NSS_DEPRECATE_DEFINE_TYPE(CK_TRUST, CKT_NSS_VALID, - #define CKT_NSS_VALID \ - _NSS_DEPRECATE_DEFINE_VALUE(CKT_NSS_VALID, CKT_NSS_NOT_TRUSTED) - _NSS_DEPRECATE_DEFINE_TYPE(CK_TRUST, CKT_NSS_MUST_VERIFY, -- "CKT_NSS_MUST_VERIFY really functions as CKT_NSS_TRUST_UNKNOWN"); -+ "CKT_NSS_MUST_VERIFY really functions as CKT_NSS_TRUST_UNKNOWN") - #define CKT_NSS_MUST_VERIFY \ - _NSS_DEPRECATE_DEFINE_VALUE(CKT_NSS_MUST_VERIFY, CKT_NSS_TRUST_UNKNOWN) - diff --git a/security/plasma6-kscreenlocker/distinfo b/security/plasma6-kscreenlocker/distinfo index b29b38d6d151..cd888278e07e 100644 --- a/security/plasma6-kscreenlocker/distinfo +++ b/security/plasma6-kscreenlocker/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1751380541 -SHA256 (KDE/plasma/6.4.2/kscreenlocker-6.4.2.tar.xz) = ef2bc8c2f1f0df75c67778c4208a5ee02c0546356ef8352dd1ffdee867283cc4 -SIZE (KDE/plasma/6.4.2/kscreenlocker-6.4.2.tar.xz) = 183732 +TIMESTAMP = 1752584471 +SHA256 (KDE/plasma/6.4.3/kscreenlocker-6.4.3.tar.xz) = 3441174426fd18524ca59fa2246f9ee99c31dec0fd89eaa79705e6a32d1dcac3 +SIZE (KDE/plasma/6.4.3/kscreenlocker-6.4.3.tar.xz) = 183744 diff --git a/security/plasma6-ksshaskpass/distinfo b/security/plasma6-ksshaskpass/distinfo index 87b4a2ee1759..85e6bb88f3e3 100644 --- a/security/plasma6-ksshaskpass/distinfo +++ b/security/plasma6-ksshaskpass/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1751380542 -SHA256 (KDE/plasma/6.4.2/ksshaskpass-6.4.2.tar.xz) = 6ef3811239c2ec505859f6c483927d6d69a59fbd8d6da41b385a977c231efffc -SIZE (KDE/plasma/6.4.2/ksshaskpass-6.4.2.tar.xz) = 30792 +TIMESTAMP = 1752584472 +SHA256 (KDE/plasma/6.4.3/ksshaskpass-6.4.3.tar.xz) = 965f89a01aa91c07ed5b8aed2be3521f88e98b22e1277846f12440c9760baf10 +SIZE (KDE/plasma/6.4.3/ksshaskpass-6.4.3.tar.xz) = 30796 diff --git a/security/plasma6-kwallet-pam/distinfo b/security/plasma6-kwallet-pam/distinfo index 3eb96bb2863b..2311ddd3d4b4 100644 --- a/security/plasma6-kwallet-pam/distinfo +++ b/security/plasma6-kwallet-pam/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1751380542 -SHA256 (KDE/plasma/6.4.2/kwallet-pam-6.4.2.tar.xz) = fc5578ae860d74ce7695cf0b561a72bcf4730636694d8debfc10c85e97296ae9 -SIZE (KDE/plasma/6.4.2/kwallet-pam-6.4.2.tar.xz) = 22396 +TIMESTAMP = 1752584472 +SHA256 (KDE/plasma/6.4.3/kwallet-pam-6.4.3.tar.xz) = 08151ca03e7b8a8e7696927e3aadc3095cf48081748c983798dac35ab5fd0cde +SIZE (KDE/plasma/6.4.3/kwallet-pam-6.4.3.tar.xz) = 22396 diff --git a/security/py-bitbox02/Makefile b/security/py-bitbox02/Makefile index eaaf1176ddc9..4f3cdf714655 100644 --- a/security/py-bitbox02/Makefile +++ b/security/py-bitbox02/Makefile @@ -1,6 +1,5 @@ PORTNAME= bitbox02 -PORTVERSION= 6.3.0 -PORTREVISION= 1 +PORTVERSION= 7.0.0 CATEGORIES= security python MASTER_SITES= PYPI PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} diff --git a/security/py-bitbox02/distinfo b/security/py-bitbox02/distinfo index d01b3b8fa461..b938507110b9 100644 --- a/security/py-bitbox02/distinfo +++ b/security/py-bitbox02/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1714984118 -SHA256 (bitbox02-6.3.0.tar.gz) = d03fb2228be5630f1d7c351e5bebdcb9a95bbe62ecf88c92913a661f093699e3 -SIZE (bitbox02-6.3.0.tar.gz) = 51670 +TIMESTAMP = 1752818570 +SHA256 (bitbox02-7.0.0.tar.gz) = 27d5105eb15a553719fa9d3e68921c864b00c861b3a644044d9ac68426f18447 +SIZE (bitbox02-7.0.0.tar.gz) = 66525 diff --git a/security/py-distro2sbom/Makefile b/security/py-distro2sbom/Makefile new file mode 100644 index 000000000000..01cfe2f6630a --- /dev/null +++ b/security/py-distro2sbom/Makefile @@ -0,0 +1,26 @@ +PORTNAME= distro2sbom +DISTVERSIONPREFIX= v +DISTVERSION= 0.6.0 +CATEGORIES= security python +PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} + +MAINTAINER= tuukka.pasanen@ilmi.fi +COMMENT= Generates SBOM files from system packaging information +WWW= https://github.com/anthonyharrison/distro2sbom + +LICENSE= APACHE20 +LICENSE_FILE= ${WRKSRC}/LICENSE + +BUILD_DEPENDS= ${PY_SETUPTOOLS} \ + ${PYTHON_PKGNAMEPREFIX}wheel>=0:devel/py-wheel@${PY_FLAVOR} +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}lib4sbom>=0.8.4:security/py-lib4sbom@${PY_FLAVOR} + +USES= python +USE_GITHUB= yes +GH_ACCOUNT= anthonyharrison +GH_PROJECT= distro2SBOM +USE_PYTHON= autoplist concurrent pep517 + +NO_ARCH= yes + +.include <bsd.port.mk> diff --git a/security/py-distro2sbom/distinfo b/security/py-distro2sbom/distinfo new file mode 100644 index 000000000000..77fc17d09d58 --- /dev/null +++ b/security/py-distro2sbom/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1746491634 +SHA256 (anthonyharrison-distro2SBOM-v0.6.0_GH0.tar.gz) = e810bf8bf29bd85f52e8df9221ababc4605affc5b7ea1177c15c580486c13057 +SIZE (anthonyharrison-distro2SBOM-v0.6.0_GH0.tar.gz) = 24911 diff --git a/security/py-distro2sbom/pkg-descr b/security/py-distro2sbom/pkg-descr new file mode 100644 index 000000000000..4f3c5b3f7bc9 --- /dev/null +++ b/security/py-distro2sbom/pkg-descr @@ -0,0 +1,10 @@ +The DISTRO2SBOM generates a SBOM (Software Bill of Materials) for either an +installed application or a complete system installation in a number of +formats including SPDX and CycloneDX. + +An SBOM for an installed package will identify all of its dependent components. + +It is intended to be used as part of a continuous integration system to enable +accurate records of SBOMs to be maintained and also to support subsequent +audit needs to determine if a particular component (and version) +has been used. diff --git a/security/py-lib4sbom/Makefile b/security/py-lib4sbom/Makefile new file mode 100644 index 000000000000..b4a0f5a61a6d --- /dev/null +++ b/security/py-lib4sbom/Makefile @@ -0,0 +1,86 @@ +PORTNAME= lib4sbom +DISTVERSIONPREFIX= v +DISTVERSION= 0.8.7 +CATEGORIES= security python +PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} + +MAINTAINER= tuukka.pasanen@ilmi.fi +COMMENT= Software bill of material (SBOM) generator and consumer library +WWW= https://github.com/anthonyharrison/lib4sbom + +LICENSE= APACHE20 +LICENSE_FILE= ${WRKSRC}/LICENSE + +BUILD_DEPENDS= ${PY_SETUPTOOLS} \ + ${PYTHON_PKGNAMEPREFIX}wheel>=0:devel/py-wheel@${PY_FLAVOR} +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}defusedxml>0:devel/py-defusedxml@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}pyyaml>0:devel/py-pyyaml@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}requests>=2.32:www/py-requests@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}semantic-version>=2.8<3:devel/py-semantic-version@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}xmlschema>0:textproc/py-xmlschema@${PY_FLAVOR} + +USES= python +USE_GITHUB= yes +GH_ACCOUNT= anthonyharrison +USE_PYTHON= autoplist concurrent pep517 pytest +PYTEST_BROKEN_TESTS= test_set_checksum test_set_type test_set_supplier \ + test_set_originator test_set_downloadlocation \ + test_set_homepage test_set_checksum \ + test_set_checksum_multiple test_set_externalreference \ + test_set_checksum test_set_type test_set_supplier \ + test_set_originator test_set_downloadlocation \ + test_set_homepage test_set_checksum \ + test_set_checksum_multiple test_set_externalreference +# There is blank tests are are not implemented yet +PYTEST_IGNORED_TESTS= test_store test_getBOM test_generateTime \ + test_generateDocumentHeader \ + test_generateJSONDocumentHeader \ + test_generateXMLDocumentHeader \ + test_generateRelationship test_generateComponent \ + test_generateJSONComponent test_generateXMLComponent \ + test_parse test_parse_cyclonedx_json test_get_format \ + test_get_type test_generate test_get_sbom \ + test_generate_spdx test_get_spdx test_get_relationships \ + test_get_cyclonedx test_generate_cyclonedx test_close \ + test_file_out test_console_out test_show \ + test_format_json_data test_format_yaml_data \ + test_format_tag_data test_send_output \ + test_generate_output test_parse_file test_get_type \ + test_get_files test_get_packages test_get_relationships \ + test_show test_getBOM test_getRelationships \ + test_generateTag test_generateComment test_generateTime \ + test_generateTagDocumentHeader \ + test_generateJSONDocumentHeader \ + test_generateDocumentHeader test_package_ident \ + test_file_ident test_license_ident \ + test_generateTagPackageDetails \ + test_generateJSONPackageDetails \ + test_generateTagFileDetails \ + test_generateJSONFileDetails \ + test_generatePackageDetails test_generateFileDetails \ + test_generateRelationship test_showRelationship \ + test_parse test_parse_spdx_tag test_parse_spdx_json \ + test_parse_spdx_rdf test_parse_spdx_yaml \ + test_parse_spdx_xml + +NO_ARCH= YES + +PORTEXAMPLES= * + +OPTIONS_DEFINE= EXAMPLES + +post-patch: + ${MV} ${WRKSRC}/test ${WRKSRC}/${PORTNAME} + ${MV} ${WRKSRC}/tools ${WRKSRC}/${PORTNAME} + +post-patch-EXAMPLES-off: + @${RM} -r ${WRKSRC}/examples + +post-stage-EXAMPLES-on: + ${RM} -r ${STAGEDIR}${PYTHONPREFIX_SITELIBDIR}/examples + @${MKDIR} ${STAGEDIR}${EXAMPLESDIR} + ${INSTALL_DATA} ${WRKSRC}/examples/* ${STAGEDIR}${EXAMPLESDIR} + @${REINPLACE_CMD} -e '/\/examples\//d' \ + ${WRKDIR}/.PLIST.pymodtmp + +.include <bsd.port.mk> diff --git a/security/py-lib4sbom/distinfo b/security/py-lib4sbom/distinfo new file mode 100644 index 000000000000..5fe6d1866858 --- /dev/null +++ b/security/py-lib4sbom/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1752670734 +SHA256 (anthonyharrison-lib4sbom-v0.8.7_GH0.tar.gz) = 20b4dec06a8d1bd917cf9ebcf9858d53981073e161a0a0d77f9c1704ecde784e +SIZE (anthonyharrison-lib4sbom-v0.8.7_GH0.tar.gz) = 1848916 diff --git a/security/py-lib4sbom/pkg-descr b/security/py-lib4sbom/pkg-descr new file mode 100644 index 000000000000..1fcb07927c3b --- /dev/null +++ b/security/py-lib4sbom/pkg-descr @@ -0,0 +1,17 @@ +Lib4SBOM is a library to parse and generate Software Bill of Materials (SBOMs). +It supports SBOMs created in both SPDX and CycloneDX formats. + +It has been developed on the assumption that having a generic abstraction of +SBOM regardless of the underlying format will be useful to developers. + +The following facilities are provided: + * Generate SPDX SBOM in TagValue, JSON and YAML formats + * Generate CycloneDX SBOM in JSON format + * Parse SPDX SBOM in TagValue, JSON, YAML, XML and RDF formats + * Parse CycloneDX SBOM in JSON and XMLformat + * Create and manipulate a SBOM file object + * Create and manipulate a SBOM package object + * Create and manipulate a SBOM dependency relationship object + * Create and manipulate a Vulnerability object + * Create and manipulate a Software Service object + * Generated SBOM can be output to a file or to the console diff --git a/security/rubygem-acme-client-gitlab/Makefile b/security/rubygem-acme-client-gitlab/Makefile index 321ed2a0b252..d7bb794558d2 100644 --- a/security/rubygem-acme-client-gitlab/Makefile +++ b/security/rubygem-acme-client-gitlab/Makefile @@ -1,6 +1,5 @@ PORTNAME= acme-client -PORTVERSION= 2.0.21 -PORTREVISION= 1 +PORTVERSION= 2.0.22 CATEGORIES= security rubygems MASTER_SITES= RG PKGNAMESUFFIX= -gitlab diff --git a/security/rubygem-acme-client-gitlab/distinfo b/security/rubygem-acme-client-gitlab/distinfo index 5bb6fc7d5332..71f01bae6c87 100644 --- a/security/rubygem-acme-client-gitlab/distinfo +++ b/security/rubygem-acme-client-gitlab/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1744780787 -SHA256 (rubygem/acme-client-2.0.21.gem) = e0a044f993cd26f0ba7f8b13a3b2b007ef864cfaa333075a2d8865b087297641 -SIZE (rubygem/acme-client-2.0.21.gem) = 21504 +TIMESTAMP = 1752678379 +SHA256 (rubygem/acme-client-2.0.22.gem) = 817534b743e2c93b3e498dad6b0f1a96a8e6df273bb04e37525d586a519176f7 +SIZE (rubygem/acme-client-2.0.22.gem) = 21504 diff --git a/security/rubygem-gitlab-cloud-connector/Makefile b/security/rubygem-gitlab-cloud-connector/Makefile index 17348ef607c0..2f1e70997dda 100644 --- a/security/rubygem-gitlab-cloud-connector/Makefile +++ b/security/rubygem-gitlab-cloud-connector/Makefile @@ -1,5 +1,5 @@ PORTNAME= gitlab-cloud-connector -PORTVERSION= 1.19.0 +PORTVERSION= 1.21.0 CATEGORIES= security rubygems MASTER_SITES= RG diff --git a/security/rubygem-gitlab-cloud-connector/distinfo b/security/rubygem-gitlab-cloud-connector/distinfo index b702ac666f5a..3d7702e96bc0 100644 --- a/security/rubygem-gitlab-cloud-connector/distinfo +++ b/security/rubygem-gitlab-cloud-connector/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1750912646 -SHA256 (rubygem/gitlab-cloud-connector-1.19.0.gem) = cfa644b4d827062f5c625d391ca3e6904e7667f0f6efe96adab81e051d8d07ad -SIZE (rubygem/gitlab-cloud-connector-1.19.0.gem) = 18432 +TIMESTAMP = 1752678296 +SHA256 (rubygem/gitlab-cloud-connector-1.21.0.gem) = 16eb2a42f223c6c70efc20a8fd9e2bbe4fa91603894daa8a72f354f425a07709 +SIZE (rubygem/gitlab-cloud-connector-1.21.0.gem) = 19456 diff --git a/security/sudo-rs/Makefile b/security/sudo-rs/Makefile index 5d6bb16de08b..773a9fe74501 100644 --- a/security/sudo-rs/Makefile +++ b/security/sudo-rs/Makefile @@ -1,7 +1,6 @@ PORTNAME= sudo-rs -PORTVERSION= 0.2.6 +PORTVERSION= 0.2.7 DISTVERSIONPREFIX= v -PORTREVISION= 2 CATEGORIES= security MAINTAINER= marc@trifectatech.org @@ -13,8 +12,6 @@ LICENSE_COMB= dual LICENSE_FILE_APACHE20= ${WRKSRC}/LICENSE-APACHE LICENSE_FILE_MIT= ${WRKSRC}/LICENSE-MIT -BUILD_DEPENDS= pandoc:${PORTSDIR}/textproc/hs-pandoc - FLAVORS= default coexist FLAVOR?= ${FLAVORS:[1]} coexist_PKGNAMESUFFIX= -coexist @@ -24,11 +21,10 @@ USES= cargo USE_GITHUB= yes GH_ACCOUNT= trifectatechfoundation -GH_TAGNAME= main CARGO_CRATES= diff-0.1.13 \ glob-0.3.2 \ - libc-0.2.172 \ + libc-0.2.174 \ log-0.4.27 \ pretty_assertions-1.4.1 \ yansi-1.0.1 @@ -52,17 +48,11 @@ PORTDOCS= CHANGELOG.md CONTRIBUTING.md COPYRIGHT LICENSE-* README.md \ OPTIONS_DEFINE= DOCS -post-build: -.for man in sudo.8 visudo.8 sudoers.5 - @${MKDIR} ${WRKDIR}/docs/man - pandoc -s -t man ${WRKSRC}/docs/man/${man}.md -o ${WRKDIR}/docs/man/${man} -.endfor - post-install: ${MV} ${STAGEDIR}${PREFIX}/bin/visudo ${STAGEDIR}${PREFIX}/sbin/visudo${RS_SUFFIX} - ${INSTALL_MAN} ${WRKDIR}/docs/man/sudo.8 ${STAGEDIR}${PREFIX}/share/man/man8/sudo${RS_SUFFIX}.8 - ${INSTALL_MAN} ${WRKDIR}/docs/man/visudo.8 ${STAGEDIR}${PREFIX}/share/man/man8/visudo${RS_SUFFIX}.8 - ${INSTALL_MAN} ${WRKDIR}/docs/man/sudoers.5 ${STAGEDIR}${PREFIX}/share/man/man5/sudoers${RS_SUFFIX}.5 + ${INSTALL_MAN} ${WRKSRC}/docs/man/sudo.8.man ${STAGEDIR}${PREFIX}/share/man/man8/sudo${RS_SUFFIX}.8 + ${INSTALL_MAN} ${WRKSRC}/docs/man/visudo.8.man ${STAGEDIR}${PREFIX}/share/man/man8/visudo${RS_SUFFIX}.8 + ${INSTALL_MAN} ${WRKSRC}/docs/man/sudoers.5.man ${STAGEDIR}${PREFIX}/share/man/man5/sudoers${RS_SUFFIX}.5 ${MKDIR} ${STAGEDIR}${PREFIX}/etc/sudoers.d ${MKDIR} ${STAGEDIR}${PREFIX}/etc/pam.d ${MKDIR} ${STAGEDIR}/var/run/sudo diff --git a/security/sudo-rs/distinfo b/security/sudo-rs/distinfo index 7162c3e88c85..8861ccd86ae0 100644 --- a/security/sudo-rs/distinfo +++ b/security/sudo-rs/distinfo @@ -1,15 +1,15 @@ -TIMESTAMP = 1746636640 +TIMESTAMP = 1752137205 SHA256 (rust/crates/diff-0.1.13.crate) = 56254986775e3233ffa9c4d7d3faaf6d36a2c09d30b20687e9f88bc8bafc16c8 SIZE (rust/crates/diff-0.1.13.crate) = 46216 SHA256 (rust/crates/glob-0.3.2.crate) = a8d1add55171497b4705a648c6b583acafb01d58050a51727785f0b2c8e0a2b2 SIZE (rust/crates/glob-0.3.2.crate) = 22359 -SHA256 (rust/crates/libc-0.2.172.crate) = d750af042f7ef4f724306de029d18836c26c1765a54a6a3f094cbd23a7267ffa -SIZE (rust/crates/libc-0.2.172.crate) = 791646 +SHA256 (rust/crates/libc-0.2.174.crate) = 1171693293099992e19cddea4e8b849964e9846f4acee11b3948bcc337be8776 +SIZE (rust/crates/libc-0.2.174.crate) = 779933 SHA256 (rust/crates/log-0.4.27.crate) = 13dc2df351e3202783a1fe0d44375f7295ffb4049267b0f3018346dc122a1d94 SIZE (rust/crates/log-0.4.27.crate) = 48120 SHA256 (rust/crates/pretty_assertions-1.4.1.crate) = 3ae130e2f271fbc2ac3a40fb1d07180839cdbbe443c7a27e1e3c13c5cac0116d SIZE (rust/crates/pretty_assertions-1.4.1.crate) = 78952 SHA256 (rust/crates/yansi-1.0.1.crate) = cfe53a6657fd280eaa890a3bc59152892ffa3e30101319d168b781ed6529b049 SIZE (rust/crates/yansi-1.0.1.crate) = 75497 -SHA256 (trifectatechfoundation-sudo-rs-v0.2.6-main_GH0.tar.gz) = e50131984916f272c5bdf376b5093e42bca29cce066431f4902ae60edb5a0df5 -SIZE (trifectatechfoundation-sudo-rs-v0.2.6-main_GH0.tar.gz) = 712201 +SHA256 (trifectatechfoundation-sudo-rs-v0.2.7_GH0.tar.gz) = d4e7b49634bf9c8a897a26afe85118ef941ff0914765b8720798821d2fe8c402 +SIZE (trifectatechfoundation-sudo-rs-v0.2.7_GH0.tar.gz) = 736981 diff --git a/security/tscli/Makefile b/security/tscli/Makefile index ee95dd798f73..45cb45cbfb11 100644 --- a/security/tscli/Makefile +++ b/security/tscli/Makefile @@ -1,7 +1,6 @@ PORTNAME= tscli DISTVERSIONPREFIX= v -DISTVERSION= 0.0.12 -PORTREVISION= 1 +DISTVERSION= 0.0.13 CATEGORIES= security MAINTAINER= dtxdf@FreeBSD.org @@ -14,6 +13,8 @@ LICENSE_FILE= ${WRKSRC}/LICENSE USES= go:modules GO_MODULE= github.com/jaxxstorm/tscli GO_TARGET= ./cmd/tscli:tscli +GO_BUILDFLAGS= -ldflags "\ + -X 'github.com/jaxxstorm/tscli/pkg/version.Version=${DISTVERSIONPREFIX}${DISTVERSION}'" PLIST_FILES= bin/tscli diff --git a/security/tscli/distinfo b/security/tscli/distinfo index c862bdf3bdab..6fe138063978 100644 --- a/security/tscli/distinfo +++ b/security/tscli/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1751921200 -SHA256 (go/security_tscli/tscli-v0.0.12/v0.0.12.mod) = 4a82a5521c3fa8eb69ab3e22c18b32be4850ade70791cb0a74fd480c44752d68 -SIZE (go/security_tscli/tscli-v0.0.12/v0.0.12.mod) = 3162 -SHA256 (go/security_tscli/tscli-v0.0.12/v0.0.12.zip) = dc19e7ffdc880bce5b0d527acdaebf8070a01a8af0830a52e4764712407479a4 -SIZE (go/security_tscli/tscli-v0.0.12/v0.0.12.zip) = 112412 +TIMESTAMP = 1752625691 +SHA256 (go/security_tscli/tscli-v0.0.13/v0.0.13.mod) = 4a82a5521c3fa8eb69ab3e22c18b32be4850ade70791cb0a74fd480c44752d68 +SIZE (go/security_tscli/tscli-v0.0.13/v0.0.13.mod) = 3162 +SHA256 (go/security_tscli/tscli-v0.0.13/v0.0.13.zip) = 6468bb6f8ed78c6c08b0125334644b309ce69a61310c9b6240d10bebc67969b5 +SIZE (go/security_tscli/tscli-v0.0.13/v0.0.13.zip) = 115698 diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml index cd55eae1edf2..62da17cbd37a 100644 --- a/security/vuxml/vuln/2025.xml +++ b/security/vuxml/vuln/2025.xml @@ -1,3 +1,40 @@ + <vuln vid="e27ee4fc-cdc9-45a1-8242-09898cdbdc91"> + <topic>unbound -- Cache poisoning via the ECS-enabled Rebirthday Attack</topic> + <affects> + <package> + <name>unbound</name> + <range><gt>1.6.1</gt><lt>1.23.0</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>sep@nlnetlabs.nl reports:</p> + <blockquote cite="https://nlnetlabs.nl/downloads/unbound/CVE-2025-5994.txt"> + <p>A multi-vendor cache poisoning vulnerability named 'Rebirthday + Attack' has been discovered in caching resolvers that support + EDNS Client Subnet (ECS). Unbound is also vulnerable when compiled + with ECS support, i.e., '--enable-subnet', AND configured + to send ECS information along with queries to upstream name servers, + i.e., at least one of the 'send-client-subnet', + 'client-subnet-zone' or 'client-subnet-always-forward' + options is used. Resolvers supporting ECS need to segregate outgoing + queries to accommodate for different outgoing ECS information. This + re-opens up resolvers to a birthday paradox attack (Rebirthday + Attack) that tries to match the DNS transaction ID in order to cache + non-ECS poisonous replies.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-5994</cvename> + <url>https://nvd.nist.gov/vuln/detail/CVE-2025-5994</url> + </references> + <dates> + <discovery>2025-07-16</discovery> + <entry>2025-07-18</entry> + </dates> + </vuln> + <vuln vid="aeac223e-60e1-11f0-8baa-8447094a420f"> <topic>liboqs -- Secret-dependent branching in HQC</topic> <affects> @@ -132,15 +169,15 @@ <affects> <package> <name>libxml2</name> - <range><lt>3.0</lt></range> <!-- needs update once fixed version appears --> + <range><lt>2.14.5</lt></range> </package> <package> <name>linux-c7-libxml2</name> - <range><lt>3.0</lt></range> <!-- needs update once fixed version appears --> + <range><lt>2.14.5</lt></range> <!-- needs update once fixed version appears --> </package> <package> <name>linux-rl9-libxml2</name> - <range><lt>3.0</lt></range> <!-- needs update once fixed version appears --> + <range><lt>2.14.5</lt></range> <!-- needs update once fixed version appears --> </package> </affects> <description> @@ -187,6 +224,7 @@ <dates> <discovery>2025-05-27</discovery> <entry>2025-07-12</entry> + <modified>2025-07-15</modified> </dates> </vuln> @@ -266,18 +304,15 @@ <affects> <package> <name>tomcat110</name> - <range><gt>11.0.0</gt></range> - <range><lt>11.0.9</lt></range> + <range><ge>11.0.0</ge><lt>11.0.9</lt></range> </package> <package> <name>tomcat101</name> - <range><gt>10.1.0</gt></range> - <range><lt>10.1.43</lt></range> + <range><ge>10.1.0</ge><lt>10.1.43</lt></range> </package> <package> <name>tomcat9</name> - <range><gt>9.0.0</gt></range> - <range><lt>9.0.107</lt></range> + <range><ge>9.0.0</ge><lt>9.0.107</lt></range> </package> </affects> <description> @@ -310,6 +345,7 @@ <dates> <discovery>2025-07-10</discovery> <entry>2025-07-10</entry> + <modified>2025-07-15</modified> </dates> </vuln> |